package com.centit.framework.staticsystem.config;

import com.centit.framework.config.SecurityCasCondition;
import com.centit.framework.security.AjaxAuthenticationFailureHandler;
import com.centit.framework.security.AjaxAuthenticationSuccessHandler;
import com.centit.framework.security.DaoAccessDecisionManager;
import com.centit.framework.security.DaoFilterSecurityInterceptor;
import com.centit.framework.security.DaoInvocationSecurityMetadataSource;
import com.centit.framework.security.model.MemorySessionRegistryImpl;
import com.centit.framework.staticsystem.service.StaticEnvironmentManager;
import com.centit.framework.staticsystem.service.impl.UserDetailsServiceImpl;
import java.util.ArrayList;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Conditional;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.cas.ServiceProperties;
import org.springframework.security.cas.authentication.CasAuthenticationProvider;
import org.springframework.security.cas.web.CasAuthenticationEntryPoint;
import org.springframework.security.cas.web.CasAuthenticationFilter;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;

@EnableWebSecurity
@Conditional({SecurityCasCondition.class})
/* loaded from: input_file:com/centit/framework/staticsystem/config/SpringSecurityCasConfig.class */
public class SpringSecurityCasConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private StaticEnvironmentManager platformEnvironment;

    @Autowired
    private CasAuthenticationEntryPoint casEntryPoint;

    @Autowired
    private CasAuthenticationProvider casAuthenticationProvider;

    @Autowired
    private CasAuthenticationFilter casFilter;

    @Autowired
    private DaoFilterSecurityInterceptor centitPowerFilter;

    public void configure(WebSecurity webSecurity) throws Exception {
        webSecurity.ignoring().antMatchers(new String[]{"/system/login", "/service/exception/**", "/system/login/**"});
    }

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf().disable().logout().logoutSuccessUrl("/index.jsp").and().exceptionHandling().accessDeniedPage("/service/exception/accessDenied").and().httpBasic().authenticationEntryPoint(this.casEntryPoint);
        httpSecurity.addFilterAt(this.casFilter, UsernamePasswordAuthenticationFilter.class).addFilterBefore(this.centitPowerFilter, FilterSecurityInterceptor.class).addFilterBefore(requestSingleLogoutFilter(), LogoutFilter.class).addFilterBefore(singleLogoutFilter(), CasAuthenticationFilter.class);
    }

    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.authenticationProvider(this.casAuthenticationProvider);
    }

    @Bean
    public CasAuthenticationEntryPoint casEntryPoint(ServiceProperties serviceProperties) {
        CasAuthenticationEntryPoint casAuthenticationEntryPoint = new CasAuthenticationEntryPoint();
        casAuthenticationEntryPoint.setLoginUrl("https://product.centit.com:8443/cas/login");
        casAuthenticationEntryPoint.setServiceProperties(serviceProperties);
        return casAuthenticationEntryPoint;
    }

    @Bean
    public ServiceProperties casServiceProperties() {
        ServiceProperties serviceProperties = new ServiceProperties();
        serviceProperties.setService("http://codefanpc:8180/msg-delivery/login/cas");
        serviceProperties.setSendRenew(false);
        return serviceProperties;
    }

    @Bean
    /* renamed from: userDetailsService, reason: merged with bridge method [inline-methods] */
    public UserDetailsServiceImpl m0userDetailsService() {
        UserDetailsServiceImpl userDetailsServiceImpl = new UserDetailsServiceImpl();
        userDetailsServiceImpl.setPlatformEnvironment(this.platformEnvironment);
        return userDetailsServiceImpl;
    }

    @Bean
    public CasAuthenticationProvider casAuthenticationProvider(ServiceProperties serviceProperties, UserDetailsServiceImpl userDetailsServiceImpl) {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setUserDetailsService(userDetailsServiceImpl);
        casAuthenticationProvider.setServiceProperties(serviceProperties);
        casAuthenticationProvider.setTicketValidator(new Cas20ServiceTicketValidator("https://product.centit.com:8443/cas"));
        casAuthenticationProvider.setKey("centit");
        return casAuthenticationProvider;
    }

    @Bean
    public DaoAccessDecisionManager centitAccessDecisionManagerBean() {
        return new DaoAccessDecisionManager();
    }

    @Bean
    public DaoInvocationSecurityMetadataSource centitSecurityMetadataSource() {
        return new DaoInvocationSecurityMetadataSource();
    }

    @Bean
    public MemorySessionRegistryImpl centitSessionRegistry() {
        return new MemorySessionRegistryImpl();
    }

    @Bean
    public DaoFilterSecurityInterceptor centitPowerFilter(ProviderManager providerManager, DaoAccessDecisionManager daoAccessDecisionManager, DaoInvocationSecurityMetadataSource daoInvocationSecurityMetadataSource, MemorySessionRegistryImpl memorySessionRegistryImpl) {
        DaoFilterSecurityInterceptor daoFilterSecurityInterceptor = new DaoFilterSecurityInterceptor();
        daoFilterSecurityInterceptor.setAuthenticationManager(providerManager);
        daoFilterSecurityInterceptor.setAccessDecisionManager(daoAccessDecisionManager);
        daoFilterSecurityInterceptor.setSecurityMetadataSource(daoInvocationSecurityMetadataSource);
        daoFilterSecurityInterceptor.setSessionRegistry(memorySessionRegistryImpl);
        return daoFilterSecurityInterceptor;
    }

    @Bean
    public AjaxAuthenticationFailureHandler ajaxFailureHandler() {
        AjaxAuthenticationFailureHandler ajaxAuthenticationFailureHandler = new AjaxAuthenticationFailureHandler();
        ajaxAuthenticationFailureHandler.setDefaultFailureUrl("/system/mainframe/login/error");
        ajaxAuthenticationFailureHandler.setWriteLog(false);
        return ajaxAuthenticationFailureHandler;
    }

    @Bean
    public AjaxAuthenticationSuccessHandler ajaxSuccessHandler() {
        AjaxAuthenticationSuccessHandler ajaxAuthenticationSuccessHandler = new AjaxAuthenticationSuccessHandler();
        ajaxAuthenticationSuccessHandler.setWriteLog(true);
        return ajaxAuthenticationSuccessHandler;
    }

    @Bean
    public CasAuthenticationFilter casFilter(ProviderManager providerManager, AjaxAuthenticationSuccessHandler ajaxAuthenticationSuccessHandler, AjaxAuthenticationFailureHandler ajaxAuthenticationFailureHandler) {
        CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();
        casAuthenticationFilter.setAuthenticationManager(providerManager);
        casAuthenticationFilter.setAuthenticationFailureHandler(ajaxAuthenticationFailureHandler);
        casAuthenticationFilter.setAuthenticationSuccessHandler(ajaxAuthenticationSuccessHandler);
        return casAuthenticationFilter;
    }

    @Bean
    public SingleSignOutFilter singleLogoutFilter() {
        SingleSignOutFilter singleSignOutFilter = new SingleSignOutFilter();
        singleSignOutFilter.setCasServerUrlPrefix("https://product.centit.com:8443/cas");
        return singleSignOutFilter;
    }

    @Bean
    public LogoutFilter requestSingleLogoutFilter() {
        return new LogoutFilter("https://product.centit.com:8443/cas/logout", new LogoutHandler[]{new SecurityContextLogoutHandler()});
    }

    @Bean
    public ProviderManager authenticationManager(CasAuthenticationProvider casAuthenticationProvider) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(casAuthenticationProvider);
        return new ProviderManager(arrayList);
    }
}
